Perdition-users

perdition-users@vergenet.net

327 discussions

by Sven Vogel

i resend this message. maybe anyone can help me. i have the following Problem. I use Courier-Imap 4.0.6 and Perdition 1.17 and Openssl 0.9.8e-r3 I want to connect with TLS1. i get the following Error in my mail.log. ... perdition[21437]: SELF: "flim08 STARTTLSrn" perdition[21437]: REAL: "flim08 OK Begin SSL/TLS negotiation now.rn" imapd: couriertls: connect: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number ... In my perdition.conf i set ssl_mode to tls_all. i set my courier to a another port 144 and pertition works on 143. i dont know do i have error in reasoning or do i have a problem with my openssl. when its correct so i can use Courier IMAP with port 143(for xample 144) with STARTTLS and SSL on Port 993. The problem is i have two configurations files. One /etc/courier-imap/imapd (Port 143) and /etc/courier-imap/imapd-ssl (Port 993). If i understand it correct so i normally have no (TLS/SSL) on port 143 only on port 993. But courier uses STARTTLS on port 143. I dont know maybe i have to use only plaintext login. Maybe there should not STARTTLS on port 143. for port 993 i used ssl_mode ssl_all and setup my ssl_ca_file and my ssl_cert_file. its a self signed certificate from my own certificate authority. i dont know but i should comment out ssl_cert_accept_self_signed. i also dont get it run with 993. do i have forgotten something? maybe i should only use 993 with certificates but i dont see the problem at the moment. (i set my courier for listening to port 994) i hope anyone can give me some tips. thanks Sven -- Qform Sven Vogel Gletschersteinstr.41 04299 Leipzig Germany EMail: sven.vogel(a)qform.de

16 years, 6 months

idle timeout values?

by bluefeather＠logixonline.com

Hello, I understand that the default timeout is 1800s (30minutes). That seems like a lot of time to just sit there while nothing is going on. What values are people using in a real world environment, more like for just pop3. I understand antivirus programs now adays act as proxy for mail and can sometimes hang clients. Thanks eric c bluefeather(a)logixonline.com

16 years, 6 months

RE : tls_listen_force, perdition 1.17 on Ubuntu server 6.06LTS broken?

by Laurent Licour

Same problem with 1.17.1 on Centos5 and Fedora 7 I think i have found the problem this is a (little) stack overflow in option.c. I think that this handle by recent versions of gcc with stack-protector option Here is the patch : --- perdition/options.c.ori 2007-11-02 05:42:00.000000000 +0100 +++ perdition/options.c 2007-11-02 05:42:16.000000000 +0100 @@ -894,7 +894,7 @@ char lower_case[40]; char strip_domain[40]; #ifdef WITH_SSL_SUPPORT - char ssl_mode[26]; + char ssl_mode[40]; char *ssl_mode_p = NULL; #endif /* WITH_SSL_SUPPORT */ This is not optimal, but other parts of the code also use static buffers -- Laurent LICOUR -------------------------------------------- Mail : laurent(a)licour.com PGP KeyID 0xDA160AA2 FingerPrint 0920 EC01 F265 C9EA 537E 7AEE 986F 58C6 DA16 0AA2

16 years, 6 months

Re: [PERDITION-USERS] [ANNOUNCE] CVE-2007-5740 Security Bug in Perdition / Perdition 1.17.1

by Simon Matter

> > I actually built from the source-RPM provided by Simon since > I'm all RedHat here. I confess to being clueless how the RPM stuff > works beyond running rpmbuild against it. Anyone have a pointer > to information on how I could get this into an i368 RPM? I have updated the source RPM to 1.17.1: http://www.invoca.ch/pub/packages/perdition/ Regards, Simon

16 years, 6 months

[ANNOUNCE] CVE-2007-5740 Security Bug in Perdition / Perdition 1.17.1

by Simon Horman

Hi all, I wish to advise that a security vulnerability has been found in perdition which may lead to an attacker being able to execute arbitrary code on the machine running perdition without the need for authentication. Details of the bug can be found at http://archives.neohapsis.com/archives/fulldisclosure/2007-10/0889.html A Patch to resolve the problem has been committed to CVS http://perdition.cvs.sourceforge.net/perdition/perdition/perdition/imap4_in… A bug-fix release, 1.17.1 has been made. This includes a minimal set of changes on top of 1.17 http://www.vergenet.net/linux/perdition/download/1.17.1/ There are also interim Debian packages under the URL above. The bug will be hence forth tracked as CVE-2007-5740 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5740 -- Horms H: http://www.vergenet.net/~horms/ W: http://www.valinux.co.jp/en/

16 years, 6 months

SSL3_GET_RECORD:wrong version number

by Sven Vogel

I have a Problem. I use Courier-Imap 4.0.6 and Perdition 1.17 and Openssl 0.9.8e-r3 I want to connect with TLS1. i get the following Error in my mail.log. ... perdition[21437]: SELF: "flim08 STARTTLSrn" perdition[21437]: REAL: "flim08 OK Begin SSL/TLS negotiation now.rn" imapd: couriertls: connect: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number ... In my perdition.conf i set ssl_mode to tls_all. i set my courier to a another port 144 and pertition works on 143. i dont know do i have error in reasoning or do i have a problem with my openssl? i tryed everything but i dont got it work. maybe anyone can help me. thanks Sven -- Qform Sven Vogel

16 years, 6 months

Michael Gaskins is out of the office.

by MBGaskins＠co.berkeley.sc.us

I will be out of the office starting Wed 08/23/2006 and will not return until Thu 10/18/2007. I will respond to your message when I return.

16 years, 7 months

OT - just a test

by Jp

Sorry. I subscribed but didn't get messages so far. Therefore, decided to make this test. Jp

16 years, 7 months

Away...

by Simon Horman

Hi Everyone, I'd like to appologise for being so quiet of late. I've been quite busy working on some other projects. And I've been quite busy getting married. I'm currently on my honeymoon, but when I get back I should have some time to sift through the mailing list and address any bug reports. Ideally I would like to release perdition 1.18 in the not to distant future - its been far too long between drinks. So if there are any pressing bug fixes or other changes that you would like in that release, please send them here, and please CC me. -- Horms H: http://www.vergenet.net/~horms/ W: http://www.valinux.co.jp/en/

16 years, 7 months

Supporting virtual domains with MySQL

by Gerard

Currently I am running virtual domains using the pasted config below. I need to find a way to do this without running the concat in the mysql command. It is causing major issues with mysql since it does not handle concat in the where clause properly. Does anyone have a better way? map_library_opt "hostname:3306:database:table:username:password:servername:concat(user,\'@\',domain):port"

16 years, 7 months

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Perdition-users